The SysAdmin Network

No more hiding in the server room

We were discussing firewalls, and I was asked recently what would be a good firewall solution for a Church or a small business.

I use IP Cop at home, running on an old Pentium 3 box. I am hesitant to suggest it for a production environment, even if it is a light-duty scenario.

Suggestions? Low cost is a must.


Replies to This Discussion

At the most basic level, pick up any device supported by DD-WRT from a local store ($50-$100) - or eBay for even less. I've also worked with some of the smaller SonicWall devices - and they are OK, but the nicer features are definitely held back for the more expensive models.

If there's enough money I'd go with an ASA5505. Otherwise I'd use a Soekris box running OpenBSD or another *nix of your choice. Lastly, if even the Soekris box was too much I'd go with an old PC and again run one of the *nixes on it.

I'm aware that an old PC is larger, generates more heat, and consumes more power than a SOHO router/firewall but I've never been impressed with the reliability of the wrt54 and the like. Sure, running alternate firmware on it helps a lot but it's still not something I'd care to use.

pfSense on an old PC or embedded-type platform (Soekris, mini-ITX etc.) will do more than most people need.

@Jeff: While DD-WRT firmware is better than the stock Cisco/Linksys, it really doesn't do much in the way of firewalling.

@Issac: I have not run Soekris, and will have to investigate it.

@Craig: That is what IPCop is, a software firewall solution that will run on relic (386, 486) grade hardware.

@All: Thanks for the suggestions!

Any of the Linux distros on a PC would give you great control, if you're willing to deal with downtime when the hard drive, fan or memory fail... What specific requirements do you have? I haven't had experience with them, but would like to try out the Vyatta devices. I think they start at about $800.

@Paul: Specific requirements are:

1. 10-20 Windows based users.
2. Workgroup, no AD.
3. Web browsing, proxy, Blacklisting available.
4. Easy interface for novice to intermediate administration.
5. Inexpensive to purchase and maintain.

Yes, I agree that most Linux distros have most of these features. The most prominent issue would be that the administrator would be familiar with Windows (Point and Click interface).

> the administrator would be familiar with Windows (Point and Click interface)

That's not a feature of Windows only (e.g. Firestarter http://www.fs-security.com/). But maybe you'd rather not use your old Pentium 3 for the job anyway.

I will look into the site, Geoff. Thanks!

pfSense sounds like it may be a fit for what you are looking for (http://www.pfsense.org). It's BSD and lightweight. It provides traffic graphs, DHCP, VPN server and much more with just a webpage to administer it. I've used it in small offices as well as at home.

I use a m0n0wall firewall on a very old 486 computer. But you have other solutions like redWall Firewall CD or SmoothWall; all are free and good.

I would recommend Untangle. It might be a little more expensive as it needs a basic PC to run rather than a router (e.g. DD-WRT) but you get so much more, not the least of which is a very good Spam Blocker.


© 2012 Created by Elizabeth Ayer and Michael Francis.
